Has increased media attention on cybersecurity improved communication between board leadership and CIOs/CISOs?
CEO in Software, 11 - 50 employees
The best time for a CISO is to come in right after a major failure. Because at that point in time, the world says, "You're the most important person." Before that, everything you do is considered an extra or a cost that actually reduces customers’ ability to use our environment as efficiently and effectively as I'd like them to, whether they're employees or external customers. That's a sad state of affairs.CIO in Telecommunication, 1,001 - 5,000 employees
Our board is very well engaged. I report into the Audit Committee, which also has a cybersecurity component. Every quarter since we established the CISO organization, we present our roadmap. We also meet with a couple of our board members quarterly for guidance and to find out what they are seeing in the broader industry. They sit on various other boards, so it's good to get their input.I've been with Viavi for a couple years now in the CIO role and when I joined, there was no CISO organization. I said that we need to have a dedicated service organization, it cannot be embedded within an organization. So we created three competencies within IT. One is business applications, planned operations and cybersecurity, so we appointed a CISO. And we also looked at benchmarks for the industry standard of how much spend is ideal for a CISO organization. If you don't allocate a resource, both in terms of manpower and budget, it's a CISO in name only. You need to empower those teams to make sure that they get the things done.
Content you might like
Yes, business is a stakeholder in society and should take a public position62%
No, it is not the role of business to take a position on social challenges32%
Not sure6%
218 PARTICIPANTS
Our team will have the option to work remotely for all or part of the week42%
Our team will return to the office as soon as it is safe to do so32%
Our team will permanently work remotely13%
Our team has already returned to the office10%
Our team never left the office to work remotely1%
Undecided2%
204 PARTICIPANTS
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees
I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read more
But this situation is not an outlier. I see this happening across organizations where the relationship between the board and the CIO is not strong, and they're not having transparent, candid conversations. I can give you plenty more examples of publicly traded companies in which CIO and board don't have a good relationship if they have a relationship at all. And if that gap is a problem, the gap between the board and the CISO is an even bigger problem. There's not enough conversation or work to try and close that gap. And that's part of the core issue with cybersecurity—that's the big elephant in the room.